Skip to content

Using PGP Encryption

PGP Encryption Settings

  1. Open BlueMail.
  2. Go to Settings.
  3. Go to Privacy & Security.
  4. Select End-to-end Encryption from the security options.
  5. Select PGP Encryption.

You will see two main actions:

  • Generate New Key Pair
  • Import Existing Keys

Below these options, you’ll find:

  • Active PGP Configuration – the key pair currently used for encryption and signing.
  • All Keys – a list of all keys stored in the app.

Option 1: Generate a New PGP Key Pair

If you are new to PGP or want to create separate keys for your BlueMail account:

  1. Tap Generate New Key Pair.
  2. BlueMail will automatically create a secure public/private key pair for your account.
  3. Once generated, the new keys will appear under Active PGP Configuration.
  4. Your account will now use these keys to encrypt and sign outgoing emails.

What Happens When You Generate a Key Pair?

  • Public Key: Shared with others so they can send you encrypted messages.
  • Private Key: Stored securely on your device and used to decrypt incoming mail.

Important: Never share your private key with anyone.

Option 2: Import an Existing PGP Key

If you already have PGP keys (for example, from GnuPG, ProtonMail Bridge, OpenKeychain, etc.), you can import them into BlueMail.

How to Import Your Key

  1. Tap Import Existing Keys.
  2. In the Private key field, paste your ASCII-armored private key block.
  3. If your private key is protected with a passphrase, enter it in the Private key passphrase field.
  4. Tap Import keys to finalize.

BlueMail will validate and store your key pair. Once imported, your key will appear under Active PGP Configuration.

Before You Import

  • Ensure you trust the origin and authenticity of your key.
  • If your private key is not passphrase-protected, consider adding one for better security before importing.

Managing Your PGP Keys

After generating or importing keys:

  • The Active PGP Configuration displays the key currently used for encryption and signing.
  • The All Keys section lists every PGP key available in BlueMail.
  • You can switch active keys or remove old ones as needed.

Safe PGP Use

  • Back up your private key securely. Losing it means you cannot decrypt messages encrypted for that key.
  • Protect your passphrase and avoid storing it in plain text.
  • Share only your public key, never your private key.
  • Verify public keys received from others to avoid man-in-the-middle attacks.

Troubleshooting

“Invalid Key Format”

Ensure that:

  • The key is in ASCII-armored format (starts with -----BEGIN PGP PRIVATE KEY BLOCK-----).
  • The full key block is pasted, including header and footer.

“Wrong Passphrase”

Check:

  • That you are using the exact passphrase used when the key was created.
  • There are no extra spaces when pasting.

Keys Not Appearing

Try:

  • Restarting BlueMail.
  • Re-importing the key pair.
  • Verifying that both public and private keys are included in your export.